Australia will be the guinea pig for Microsoft's plans to make Internet Explorer (IE) updates silent to users from next month.
Microsoft, beginning January, will upgrade Windows customers to the latest version of IE in a move to embrace what is known as “silent updates”.
Microsoft has followed the steps of Google, which pioneered the concept for its Chrome web browser in 2009, and Mozilla, which announced recently it is working on a mechanism for automatic Firefox updates.
Microsoft is aiming to protect users from threats, such as social-engineered malware, which often targets out-of-date web browsers, Ryan Gavin, senior director of IE, said.
“The web overall is better – and safer – when more people run the most up-to-date browser,” he said.
“Our goal is to make sure that Windows customers have the most up-to-date and safest browsing experience possible, with the best protections against malicious software, such as malware.”
Industry experts agreed that silent updates are a step forward for security.
“Silent updating is generally seen as a big improvement to security on the internet,” Wolfgang Kandek, CTO of vulnerability management firm Qualys said.
Kandek referenced a study conducted by researchers at the Swiss technical university ETH, which found that 97 per cent of Chrome users updated their browser within three weeks of a new version release, compared to 85 per cent of Firefox users, 53 per cent of those using Apple Safari, and 24 per cent of Opera users. Silent updates allow systems to stay secure “most of the time,” take some of the onus for security off users, and shorten the window of opportunity attackers have to use known exploits against outdated browsers, according to the study.
Microsoft said that beginning in January, IE will be silently upgraded for customers who have opted-in to automatic updates on the Windows Update service.
It will begin first with customers in Australia and Brazil, then “take a measured approach, scaling up over time.”
The silent update will eliminate the pop-up window that currently allows users to opt-out or postpone available browser upgrades, Kandek said.
Users who have declined previous installations of IE8 and 9 will not be automatically updated.
Additionally, customers can uninstall updates and continue to receive support for the copy of IE they purchased with Windows.
Enterprise users who tightly control their patches will not be affected, as they will still have full control over the versions of their browsers, Kandek said.